Mobile Konami Codes: Analysis of Android Malware Services Utilizing Sensor And Resource-Based State Changes

Thumbnail Image
Files
Boomgaarden_Mobile_Konami_Codes_2016.pdf (630.72 KB)
Authors
Boomgaarden, J.
Corney, J.
Whittaker, H.
Dinolt, G.
McEachen, J.
Subjects
Advisors
Date of Issue
2016
Date
2016
Publisher
IEEE
Language
Abstract
Challenges in static analysis of mobile malware have stimulated the need for emulated, dynamic analysis techniques. Unfortunately, emulating mobile devices is nontrivial because of the different types of hardware features onboard (e.g., sensors) and the manner in which users interact with their devices as compared to traditional computing platforms. To test this, our research focuses on the enumeration and comparison of static attributes and dynamic event values from sensors and resources within Android runtime environments on physical devices and within several online services’ analysis environments. Utilizing the results from enumeration, we develop two different Android applications that are successful in detecting and evading the emulated environments utilized by those mobile analysis services during execution. When ran on physical devices, the same applications successfully perform a pseudo-malware action and send device identifying information to our server.
Type
Conference Paper
Description
URI
https://hdl.handle.net/10945/50277
Series/Report No
Department
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
10 p.
Citation
Boomgaarden, Jacob, et al. "Mobile Konami Codes: Analysis of Android Malware Services Utilizing Sensor and Resource-Based State Changes." 2016 49th Hawaii International Conference on System Sciences (HICSS). IEEE, 2016.
Distribution Statement
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Collections
Publications